Notes on the DNS-like protocols used for intranet hostname resolution
Random notes by 三线
Common protocols Windows uses to resolve hostnames on an intranet
- mDNS
- LLMNR (enabled by default on Windows)
- NBNS
- The router discovers devices on its own (via ARP, DHCP leases, etc.) and its built-in DNS answers for them
Enabling LLMNR support on Linux (do not enable this in production; it is a security risk)
Related: systemd update :: https://linoxide.com/linux-how-to/install-systemd-centos-redhat/
- Install systemd-resolved
- Enable LLMNR in the configuration
- Stop the firewall, or allow the relevant traffic through it
systemd-resolved install steps (on releases older than 8, systemd must be upgraded and systemd-resolved installed; the output below is from an el7 host)
```
[root@master-1 ~]# rpm -q systemd systemd-resolved
systemd-219-57.el7.x86_64
package systemd-resolved is not installed

# yum install systemd-resolved
Dependencies Resolved
=============================================================================
 Package            Arch     Version           Repository   Size
=============================================================================
Installing:
 systemd-resolved   x86_64   219-67.el7_7.2    updates     412 k
Installing for dependencies:
 json-c             x86_64   0.11-4.el7_0      base         31 k
Updating for dependencies:
 cryptsetup-libs    x86_64   2.0.3-5.el7       base        338 k
 systemd            x86_64   219-67.el7_7.2    updates     5.1 M
 systemd-libs       x86_64   219-67.el7_7.2    updates     411 k
 systemd-sysv       x86_64   219-67.el7_7.2    updates      88 k

Transaction Summary
=============================================================================
Install  1 Package  (+1 Dependent package)
Upgrade             ( 4 Dependent packages)

Total download size: 6.3 M

[root@master-1 ~]# rpm -q systemd systemd-resolved
systemd-219-67.el7_7.2.x86_64
systemd-resolved-219-67.el7_7.2.x86_64
```
```shell
# -r turns on extended regex so that "(#)?" is a group, -i edits in place
# (the flags must be written -ri: with "-ir", GNU sed reads the "r" as a backup suffix and stays in basic-regex mode)
sed -ri "s/^(#)?LLMNR.*/LLMNR=yes/" /etc/systemd/resolved.conf
systemctl --now enable systemd-resolved
```
```
[root@master-1 ~]# ss -anptu | grep resolve
udp   UNCONN   0   0     *:5355       *:*      users:(("systemd-resolve",pid=28108,fd=12))
udp   UNCONN   0   0     [::]:5355    [::]:*   users:(("systemd-resolve",pid=28108,fd=11))
tcp   LISTEN   0   128   *:5355       *:*      users:(("systemd-resolve",pid=28108,fd=14))
tcp   LISTEN   0   128   [::]:5355    [::]:*   users:(("systemd-resolve",pid=28108,fd=15))
```
Note
On CentOS, resolve must be added to the hosts line in /etc/nsswitch.conf to enable the NSS module.
For example:
```
#hosts: db files nisplus nis dns
hosts: files dns myhostname resolve
```
Enabling LLMNR on version 8 and later
```shell
sed -ri "s/^(#)?LLMNR.*/LLMNR=yes/" /etc/systemd/resolved.conf
systemctl --now enable systemd-resolved
```
Edit /etc/nsswitch.conf and add resolve to the hosts line. Note that in nsswitch.conf, [NOTFOUND=return]
means the lookup stops if the preceding source returned no result.
```
hosts: files dns myhostname resolve
```
```shell
# show the resolver state (new and old command forms)
resolvectl status
systemd-resolve --status
# resolve a name through systemd-resolved (old and new command forms)
systemd-resolve {hostname / domain}
resolvectl query {hostname / domain}
```
Extra information
- The systemd-resolved stub resolver listens on 127.0.0.53%lo:53 by default
- The files under /var/run/systemd/resolve can be used as symlink targets; some distributions symlink /etc/resolv.conf to systemd-resolved by default, so that systemd-resolved takes over the system DNS configuration
- LLMNR communicates over UDP port 5355 by default
- Because LLMNR is broadcast-based and unauthenticated, it carries a man-in-the-middle risk
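To make the "DNS-like" wire format behind these notes concrete, here is a small Python parser for LLMNR messages (RFC 4795) with a constructed sample query; it is example code added here, not part of the original notes. A defender can feed it datagrams received on UDP 5355 to log which host asks for, or answers for, which name. The multicast group address, the sample name and the log-line format are assumptions.

```python
import struct

LLMNR_PORT = 5355               # from the notes above
LLMNR_GROUP_V4 = "224.0.0.252"  # IPv4 multicast group for LLMNR (assumed from RFC 4795)

def _read_name(buf, off):
    """Decode an uncompressed DNS-style label sequence starting at buf[off]."""
    labels = []
    while True:
        n = buf[off]
        off += 1
        if n == 0:
            return ".".join(labels), off
        if n & 0xC0:  # LLMNR question names are never compressed
            raise ValueError("unexpected compression pointer in QNAME")
        labels.append(buf[off:off + n].decode("ascii"))
        off += n

def parse_llmnr(pkt):
    """Parse the 12-byte header and the first question of an LLMNR message."""
    if len(pkt) < 12:
        raise ValueError("truncated LLMNR header")
    msg_id, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", pkt[:12])
    qname, off = _read_name(pkt, 12)
    qtype, qclass = struct.unpack("!HH", pkt[off:off + 4])
    return {
        "id": msg_id,
        "is_response": bool(flags >> 15),      # QR bit
        "opcode": (flags >> 11) & 0xF,
        "conflict": bool((flags >> 10) & 1),   # C bit: sender reports a name conflict
        "truncated": bool((flags >> 9) & 1),   # TC bit
        "tentative": bool((flags >> 8) & 1),   # T bit: name uniqueness not yet verified
        "rcode": flags & 0xF,
        "qdcount": qd, "ancount": an,
        "qname": qname, "qtype": qtype, "qclass": qclass,
    }

def build_query(name, msg_id=0x1234, flags=0, qtype=1):
    """Constructed sample packet (an A query by default) for offline testing."""
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", msg_id, flags, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def describe(src_ip, pkt):
    """One log line per packet; an unexpected responder shows up as 'response from <ip>'."""
    q = parse_llmnr(pkt)
    kind = "response" if q["is_response"] else "query"
    return f"LLMNR {kind} from {src_ip}: {q['qname']} type={q['qtype']} id={q['id']:#06x}"
```

For live use, bind a UDP socket to port 5355, join LLMNR_GROUP_V4 with IP_ADD_MEMBERSHIP, and pass each datagram together with its source address to describe().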
References
http://www.jinbuguo.com/systemd/nss-resolve.html
http://man7.org/linux/man-pages/man8/nss-resolve.8.html